diff options
-rw-r--r-- | devel/fuzz/README.md | 25 | ||||
-rw-r--r-- | tests/Makefile.am | 1 | ||||
-rw-r--r-- | tests/psk-client.c | 113 | ||||
-rw-r--r-- | tests/psk-server.c | 113 | ||||
-rw-r--r-- | tests/srp-client.c | 113 | ||||
-rw-r--r-- | tests/srp-server.c | 113 |
6 files changed, 471 insertions, 7 deletions
diff --git a/devel/fuzz/README.md b/devel/fuzz/README.md index 698db2f4ed..575f80e091 100644 --- a/devel/fuzz/README.md +++ b/devel/fuzz/README.md @@ -55,13 +55,17 @@ sudo docker run --rm -e ASAN_OPTIONS="detect_leaks=0" -ti -v $FILE:/testcase oss For the following tests dropping a file to a subdirectory in tests is sufficient: -| Fuzzer | Directory | -|:----------------------------:|:--------------------------:| -|gnutls_client_fuzzer | tests/client-interesting | -|gnutls_server_fuzzer | tests/server-interesting | -|gnutls_pkcs7_parser_fuzzer | tests/pkcs7-interesting | -|gnutls_x509_parser_fuzzer | tests/certs-interesting | -|gnutls_ocsp_resp_parser_fuzzer| tests/ocsp-resp-interesting| +| Fuzzer | Directory | +|:----------------------------:|:---------------------------:| +|gnutls_client_fuzzer | tests/client-interesting | +|gnutls_server_fuzzer | tests/server-interesting | +|gnutls_psk_client_fuzzer | tests/psk-client-interesting| +|gnutls_psk_server_fuzzer | tests/psk-server-interesting| +|gnutls_srp_client_fuzzer | tests/srp-client-interesting| +|gnutls_srp_server_fuzzer | tests/srp-server-interesting| +|gnutls_pkcs7_parser_fuzzer | tests/pkcs7-interesting | +|gnutls_x509_parser_fuzzer | tests/certs-interesting | +|gnutls_ocsp_resp_parser_fuzzer| tests/ocsp-resp-interesting | The following require modifying a test case. Mappings are shown in the table below. @@ -71,3 +75,10 @@ table below. |gnutls_dn_parser_fuzzer |tests/x509-dn-decode.c | |gnutls_pkcs8_key_parser_fuzzer |tests/key-tests/pkcs8-invalid,tests/key-tests/pkcs8-decode| |gnutls_private_key_parser_fuzzer |tests/key-tests/key-invalid | + + +# Missing fuzzers + + * TLS resumption + * TLS rehandshake + * Fuzzying past finished message processing diff --git a/tests/Makefile.am b/tests/Makefile.am index a3d48252ed..1a5f9bea03 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -96,6 +96,7 @@ ctests = mini-record-2 simple gc set_pkcs12_cred cert certuniqueid tls-neg-ext-k tls10-server-kx-neg tls11-server-kx-neg tls12-server-kx-neg ssl30-server-kx-neg \ tls12-cipher-neg tls11-cipher-neg tls10-cipher-neg ssl30-cipher-neg \ crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain tls-rehandshake-cert-3 \ + psk-server psk-client srp-server srp-client \ nul-in-x509-names x509_altname pkcs12_encode mini-x509 ocsp-resp \ tls-rehandshake-cert rng-fork mini-eagain-dtls resume-dtls \ x509cert x509cert-tl infoaccess mini-dtls-hello-verify sign-verify-ed25519-rfc8080 \ diff --git a/tests/psk-client.c b/tests/psk-client.c new file mode 100644 index 0000000000..3622f7207f --- /dev/null +++ b/tests/psk-client.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * Copyright 2016 Alex Gaynor, Google Inc. + * + * Author: Nikos Mavrogiannopoulos, Alex Gaynor + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdlib.h> +#include <stdint.h> +#include <limits.h> +#include <dirent.h> + +#include "utils.h" + +#define true 1 + +/* This program will load certificates from CERT_DIR and try to print + * them. If CERT_DIR/certname.err is available, it should contain the + * error code that gnutls_x509_crt_import() should return. + */ + +#define CERT_DIR "psk-client-interesting" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static int getnext(DIR **dirp, gnutls_datum_t *der) +{ + struct dirent *d; + char path[256]; + char cert_dir[256]; + const char *src; + int ret; + + src = getenv("srcdir"); + if (src == NULL) + src = "."; + + snprintf(cert_dir, sizeof(cert_dir), "%s/%s", src, CERT_DIR); + + if (*dirp == NULL) { + *dirp = opendir(cert_dir); + if (*dirp == NULL) + return -1; + } + + do { + d = readdir(*dirp); + if (d != NULL +#ifdef _DIRENT_HAVE_D_TYPE + && d->d_type == DT_REG +#endif + ) { + if (strstr(d->d_name, ".raw") == 0) + continue; + snprintf(path, sizeof(path), "%s/%s", cert_dir, d->d_name); + + success("Loading %s\n", path); + ret = gnutls_load_file(path, der); + if (ret < 0) { + return -1; + } + + return 0; + } + } while(d != NULL); + + closedir(*dirp); + return -1; /* finished */ +} + +#include "../devel/fuzz/gnutls_psk_client_fuzzer.cc" + +void doit(void) +{ + int ret; + gnutls_datum_t raw; + DIR *dirp = NULL; + + ret = global_init(); + if (ret < 0) + fail("init %d\n", ret); + + while (getnext(&dirp, &raw)==0) { + LLVMFuzzerTestOneInput(raw.data, raw.size); + gnutls_free(raw.data); + raw.data = NULL; + raw.size = 0; + } + + gnutls_global_deinit(); +} diff --git a/tests/psk-server.c b/tests/psk-server.c new file mode 100644 index 0000000000..375a629c27 --- /dev/null +++ b/tests/psk-server.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * Copyright 2016 Alex Gaynor, Google Inc. + * + * Author: Nikos Mavrogiannopoulos, Alex Gaynor + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdlib.h> +#include <stdint.h> +#include <limits.h> +#include <dirent.h> + +#include "utils.h" + +#define true 1 + +/* This program will load certificates from CERT_DIR and try to print + * them. If CERT_DIR/certname.err is available, it should contain the + * error code that gnutls_x509_crt_import() should return. + */ + +#define CERT_DIR "psk-server-interesting" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static int getnext(DIR **dirp, gnutls_datum_t *der) +{ + struct dirent *d; + char path[256]; + char cert_dir[256]; + const char *src; + int ret; + + src = getenv("srcdir"); + if (src == NULL) + src = "."; + + snprintf(cert_dir, sizeof(cert_dir), "%s/%s", src, CERT_DIR); + + if (*dirp == NULL) { + *dirp = opendir(cert_dir); + if (*dirp == NULL) + return -1; + } + + do { + d = readdir(*dirp); + if (d != NULL +#ifdef _DIRENT_HAVE_D_TYPE + && d->d_type == DT_REG +#endif + ) { + if (strstr(d->d_name, ".raw") == 0) + continue; + snprintf(path, sizeof(path), "%s/%s", cert_dir, d->d_name); + + success("Loading %s\n", path); + ret = gnutls_load_file(path, der); + if (ret < 0) { + return -1; + } + + return 0; + } + } while(d != NULL); + + closedir(*dirp); + return -1; /* finished */ +} + +#include "../devel/fuzz/gnutls_psk_server_fuzzer.cc" + +void doit(void) +{ + int ret; + gnutls_datum_t raw; + DIR *dirp = NULL; + + ret = global_init(); + if (ret < 0) + fail("init %d\n", ret); + + while (getnext(&dirp, &raw)==0) { + LLVMFuzzerTestOneInput(raw.data, raw.size); + gnutls_free(raw.data); + raw.data = NULL; + raw.size = 0; + } + + gnutls_global_deinit(); +} diff --git a/tests/srp-client.c b/tests/srp-client.c new file mode 100644 index 0000000000..d4a3f6ce2a --- /dev/null +++ b/tests/srp-client.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * Copyright 2016 Alex Gaynor, Google Inc. + * + * Author: Nikos Mavrogiannopoulos, Alex Gaynor + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdlib.h> +#include <stdint.h> +#include <limits.h> +#include <dirent.h> + +#include "utils.h" + +#define true 1 + +/* This program will load certificates from CERT_DIR and try to print + * them. If CERT_DIR/certname.err is available, it should contain the + * error code that gnutls_x509_crt_import() should return. + */ + +#define CERT_DIR "srp-client-interesting" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static int getnext(DIR **dirp, gnutls_datum_t *der) +{ + struct dirent *d; + char path[256]; + char cert_dir[256]; + const char *src; + int ret; + + src = getenv("srcdir"); + if (src == NULL) + src = "."; + + snprintf(cert_dir, sizeof(cert_dir), "%s/%s", src, CERT_DIR); + + if (*dirp == NULL) { + *dirp = opendir(cert_dir); + if (*dirp == NULL) + return -1; + } + + do { + d = readdir(*dirp); + if (d != NULL +#ifdef _DIRENT_HAVE_D_TYPE + && d->d_type == DT_REG +#endif + ) { + if (strstr(d->d_name, ".raw") == 0) + continue; + snprintf(path, sizeof(path), "%s/%s", cert_dir, d->d_name); + + success("Loading %s\n", path); + ret = gnutls_load_file(path, der); + if (ret < 0) { + return -1; + } + + return 0; + } + } while(d != NULL); + + closedir(*dirp); + return -1; /* finished */ +} + +#include "../devel/fuzz/gnutls_srp_client_fuzzer.cc" + +void doit(void) +{ + int ret; + gnutls_datum_t raw; + DIR *dirp = NULL; + + ret = global_init(); + if (ret < 0) + fail("init %d\n", ret); + + while (getnext(&dirp, &raw)==0) { + LLVMFuzzerTestOneInput(raw.data, raw.size); + gnutls_free(raw.data); + raw.data = NULL; + raw.size = 0; + } + + gnutls_global_deinit(); +} diff --git a/tests/srp-server.c b/tests/srp-server.c new file mode 100644 index 0000000000..90dbce4574 --- /dev/null +++ b/tests/srp-server.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2016 Red Hat, Inc. + * Copyright 2016 Alex Gaynor, Google Inc. + * + * Author: Nikos Mavrogiannopoulos, Alex Gaynor + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdlib.h> +#include <stdint.h> +#include <limits.h> +#include <dirent.h> + +#include "utils.h" + +#define true 1 + +/* This program will load certificates from CERT_DIR and try to print + * them. If CERT_DIR/certname.err is available, it should contain the + * error code that gnutls_x509_crt_import() should return. + */ + +#define CERT_DIR "srp-server-interesting" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); + +static int getnext(DIR **dirp, gnutls_datum_t *der) +{ + struct dirent *d; + char path[256]; + char cert_dir[256]; + const char *src; + int ret; + + src = getenv("srcdir"); + if (src == NULL) + src = "."; + + snprintf(cert_dir, sizeof(cert_dir), "%s/%s", src, CERT_DIR); + + if (*dirp == NULL) { + *dirp = opendir(cert_dir); + if (*dirp == NULL) + return -1; + } + + do { + d = readdir(*dirp); + if (d != NULL +#ifdef _DIRENT_HAVE_D_TYPE + && d->d_type == DT_REG +#endif + ) { + if (strstr(d->d_name, ".raw") == 0) + continue; + snprintf(path, sizeof(path), "%s/%s", cert_dir, d->d_name); + + success("Loading %s\n", path); + ret = gnutls_load_file(path, der); + if (ret < 0) { + return -1; + } + + return 0; + } + } while(d != NULL); + + closedir(*dirp); + return -1; /* finished */ +} + +#include "../devel/fuzz/gnutls_srp_server_fuzzer.cc" + +void doit(void) +{ + int ret; + gnutls_datum_t raw; + DIR *dirp = NULL; + + ret = global_init(); + if (ret < 0) + fail("init %d\n", ret); + + while (getnext(&dirp, &raw)==0) { + LLVMFuzzerTestOneInput(raw.data, raw.size); + gnutls_free(raw.data); + raw.data = NULL; + raw.size = 0; + } + + gnutls_global_deinit(); +} |